add support for ssh keys

tasks/groups.yml

@@ -5,9 +5,9 @@
       gid: "{{ omit }}"
 
 - set_fact:
-    group: "{{ defaultgroup|combine(item.value|d({}), {'name': item.key} ) }}"
+    group: "{{ defaultgroup|combine(currentgroup.value|d({}), {'name': currentgroup.key} ) }}"
 
-- name: create groupss
+- name: create groups
   group:
     name: "{{ group.name }}"
     system: "{{ group.system }}"

tasks/main.yml

@@ -1,9 +1,13 @@
 - name: handle groups
-  with_dict: "{{ accounts.groups }}"
+  loop: "{{ accounts.groups|dict2items }}"
+  loop_control:
+    loop_var: currentgroup
   include_tasks:
     file: groups.yml
 
 - name: handle users
-  with_dict: "{{ accounts.users }}"
+  loop: "{{ accounts.users|dict2items }}"
+  loop_control:
+    loop_var: currentuser
   include_tasks:
     file: users.yml

tasks/users.yml

@@ -3,17 +3,18 @@
       genssh: false
       group: ~
       groups: []
-      home: "{{ ('/var/lib/'+item.key) if (item.value.system|d(True)) else ('/home/'+item.key) }}"
+      home: "{{ ('/var/lib/'+currentuser.key) if (currentuser.value.system|d(True)) else ('/home/'+currentuser.key) }}"
       system: true
       state: present
       uid: "{{ omit }}"
       password: "*"
       shell: "/usr/sbin/nologin"
+      authorized_keys: {}
 
 - set_fact:
-    user: "{{ defaultuser|combine(item.value|d({}), {'name': item.key} ) }}"
+    user: "{{ defaultuser|combine(currentuser.value|d({}), {'name': currentuser.key} ) }}"
 
-- name: create users
+- name: "create user ({{ user.name }})"
   user:
     name: "{{ user.name }}"
     generate_ssh_key: "{{ user.genssh }}"
@@ -26,3 +27,10 @@
     uid: "{{ user.uid|d(omit) }}"
     password: "{{ user.password }}"
     shell: "{{ user.shell }}"
+
+- name: "setup ssh key(s) ({{ user.name }})"
+  loop: "{{ user.authorized_keys|dict2items }}"
+  authorized_key:
+    user: "{{ user.name }}"
+    key: "{{ item.value }}"
+    comment: "{{ item.key }}"